iOS 13 is just out and already the problems are piling up. Now Apple had even faced a security breach that has not been closed.
iOS has long been offering the ability to load alternative keyboard apps from the App Store instead of the iOS keyboard. These alternatives, such as Gboard and SwiftKey, have several advantages, including the use of multiple keyboard languages without having to switch languages. Now, however, Apple warns of a vulnerability that has surfaced only with the installation of the new iOS 13 update, and concerns only third-party keyboards.
Keyboards can get full access
Keyboards loaded from the App Store have two functions: they can either be installed directly and used without further ado. However, it is also possible to give the keyboards “full access” to enable additional features that require an Internet connection. Normally, the keyboard apps ask the user if they want full access before setting this option.
The problem in iOS 13 and iPadOS, according to Apple, is that the third-party keyboards get full access without the user knowing, and even when access is denied, reporting ” TechCrunch “. Apple has confirmed the vulnerability on a dedicated support page and announced it is working on an update. The link to the help page can be found here: https://support.apple.com/en-us/HT210613 .
Which data is at risk?
If third-party keyboards get full access, they can log every single keystroke and send it to their corporate servers. It lets businesses read just about anything users write on the keyboard-for example, messages and emails. However, passwords are protected from the vulnerability because the iPhone and iPad automatically change to Apple’s own keyboard for password entry.
Whether a subsequently installed keyboard app has full access can be found under Settings > General > Keyboard > Keyboards . Here are all installed keyboards listed. Simply selecting one of them will indicate if the app has full access or not.